256-bit Rijndael blocksize?

3
votes

I am trying to port a decryption routine from C# program to C++ using cryptopp, but I have a problem. In the C# program, the key and IV are both 256 bits. So I tried to do something like this:

    char *hash1 = "......";
    std::string hash2;

    CryptoPP::StringSource(hash1, true,new CryptoPP::Base64Decoder(new CryptoPP::StringSink(hash2)));
    CryptoPP::Rijndael::Decryption decryptor(key, 32);
    CryptoPP::CBC_Mode_ExternalCipher::Decryption cbcDecryption( decryptor, iv);
    CryptoPP::StreamTransformationFilter stfDecryptor(cbcDecryption, (new CryptoPP::StringSink( decryptedData ) ));
    stfDecryptor.Put( reinterpret_cast<const unsigned char*>( hash2.c_str() ), hash2.size() );
    stfDecryptor.MessageEnd();

and I am getting

StreamTransformationFilter: ciphertext length is not a multiple of block size.

I tried to pass IV size like this:

    CryptoPP::CBC_Mode<CryptoPP::Rijndael >::Decryption decr;
    decr.SetKeyWithIV(key, 32, iv, 32);

But then I get:

IV length 32 exceeds the maximum of 16.

So, how can I decrypt data, when it was encrypted by IV with length = 32?

1
c++encryptionaescrypto++
Judging by the diagram on the CryptoPP website I'm somewhat hesitant to suggest it supports anything besides 128bit blocks. (Obvioiusly it supports larger keys). If their cut is only AES-compliant, then that makes sense, as no AES derivative uses more than 16-byte blocks and IVs). A peek at the header file is pretty telling. - WhozCraig
@WhozCraig You mean the part where it says FixedBlockSize<16> ? - Maarten Bodewes
@owlstead Pretty much, yeah. Ii honestly don't know if it would even work to derive your own Rijindael_Info32 as an extension of public FixedBlockSize<32>, public VariableKeyLength<16, 16, 32, 8>, or even a public FixedBlockSize<32>, public FixedKeyLength<32> and the rest of the algorithm would just take hold and work, as I'm not familiar enough with CryptoPP to make that call. The pessimist in me says it isn't bloody likely. - WhozCraig
@WhozCraig Well, I'm not an expert on Rijndael implementations, but I'm still pretty sure that is not very likely as well. - Maarten Bodewes
@WhozCraig posted our findings as an answer, upped a few of your accepted/good answers in return - Maarten Bodewes

1 Answers

3
votes

Looking at the implementation, the current iterations of crypto++ only support Rijndael with a block size of 16 bytes. As the IV has to be precisely a single block for CBC mode, Rijndael with a 256 bit block size does not seem to be possible.